Retired Senior (now termed Chief) District Judge Richard Magnus to chair the COI

The cybersecurity attack on SingHealth’s IT system, resulting in the exfiltration of 1.5 million patients’ non-medical personal data and 160,000 patients’ dispensed medicines data, is the most serious breach of personal data that Singapore has experienced.

2 The Cyber Security Agency (CSA)’s investigations have established that the attack was deliberate, targeted and carefully planned. It was not the work of casual hackers or criminal gangs. Prime Minister Lee Hsien Loong’s personal particulars and outpatient medication data were specifically and repeatedly targeted.

Committee of Inquiry

3 This incident has serious public health and safety implications. Therefore, the Minister-in-Charge of Cybersecurity, Mr S Iswaran, will convene a Committee of Inquiry (COI) under Section 9 of the Inquiries Act (Cap 139A). Mr Richard Magnus, a retired Senior (now termed Chief) District Judge and member of the Public Service Commission, has agreed to chair the COI.

4 The COI will establish the events and contributory factors leading to the cybersecurity attack, and the incident response. It will also recommend measures to better manage and secure SingHealth’s and other public sector IT systems against similar cybersecurity attacks in future.

5 The COI’s composition and Terms of Reference will be announced at a later date.

Government to Take Immediate Actions to Strengthen IT Systems

6 Meanwhile, the Government will take immediate action to strengthen our IT systems against similar cybersecurity attacks. The Minister-in-Charge of Cybersecurity has directed CSA to work closely with all 11 key sectors1 to enhance the cybersecurity of their Critical Information Infrastructure systems.

7 The Smart Nation and Digital Government Group (SNDGG) has completed a scan of all government systems and found no evidence of compromise. SNDGG will pause the introduction of new ICT systems while it reviews the cybersecurity measures of government systems, and implements any additional security safeguards which are necessary.

Ensuring Cybersecurity in the Digital Age

8 While we will do our utmost to secure our IT systems from attack, unfortunately we cannot completely eliminate the risk of another cybersecurity attack. Every country is under threat, and the attackers are constantly developing new techniques and probing for fresh weaknesses in IT systems. However, we must not allow this incident, or any others like it, to derail our plans for a Smart Nation. We must adapt ourselves to operate effectively and securely in the digital age, to deliver better public services, enhance our economic competitiveness, and create good jobs and opportunities for Singaporeans.

9 The Government takes with utmost seriousness its responsibility of ensuring the security of public sector IT systems and databases. We will learn from the experience of this deliberate and sophisticated cybersecurity attack, and implement measures to better secure our public sector IT systems and databases, and uphold public trust in our systems.

[1]Energy, Water, Banking and Finance, Healthcare, Transport (which includes Land, Maritime, and Aviation), Infocomm, Media, Security and Emergency Services, and Government.

Speech by Ms Sim Ann, Senior Minister of State, Ministry of Communications & Information and Ministry of Culture, Community and Youth at the Singapore University of Social Sciences (SUSS) Convocation Ceremony (Session Five – School of Humanities and Behavioural Sciences) on 12 October 2018 Speeches Public Comms 12 Oct 18
Keynote Address by Dr Janil Puthucheary, Senior Minister of State, Ministry of Communications & Information and Transport, at CPA Congress 2018 Speeches Cyber Security 11 Oct 18
MCI's response to PQ on Regulation on Collation and Use of Behavioural Data Parliament QAs Personal Data 02 Oct 18
MCI's response to PQ on NRIC Advisory Guidelines Parliament QAs Personal Data 01 Oct 18
Speech by Ms Sim Ann, Senior Minister of State, Ministry of Communications and Information and Chairman of the National Translation Committee at the Inaugural Awards Ceremony for the Translation Talent Development Scheme Co-Sponsorship Grant on 25 September 2018 Speeches Public Comms 25 Sep 18
Speech by Minister S Iswaran, Minister for Communications and Information, at the National Infocomm Media Award Ceremony 2018 on 25 September 2018 Speeches Infocomm Media 25 Sep 18